package com.z;

import com.z.relam.CustomerMd5Realm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import sun.security.provider.MD5;

import java.util.Arrays;

/**
 * @ProjectName: springboot-08-shiro
 * @Package: PACKAGE_NAME
 * @ClassName: TestCustomerMd5Authorization
 * @author: Arisapoke
 * @date: 2021/2/2 19:34
 * @Version: 1.0
 */
public class TestCustomerMd5Authorization {

    public static void main(String[] args) {
        //创建安全管理器
        DefaultSecurityManager defaultSecurityManager = new DefaultSecurityManager();
        //注入realm
        CustomerMd5Realm realm = new CustomerMd5Realm();
        //设置realm使用hash凭证匹配器
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        //设置使用md5
        credentialsMatcher.setHashAlgorithmName("md5");


        //设置散列次数
        credentialsMatcher.setHashIterations(1024);


        realm.setCredentialsMatcher(credentialsMatcher);
        defaultSecurityManager.setRealm(realm);
        //将安全管理器注入安全工具
        SecurityUtils.setSecurityManager(defaultSecurityManager);
        //通过安全工具获取subject
        Subject subject = SecurityUtils.getSubject();
        //认证
        UsernamePasswordToken token = new UsernamePasswordToken("zhn", "123456");
        System.out.println();
        try {
            subject.login(token);
            System.out.println("login success");
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            System.out.println("username error");
        }catch (IncorrectCredentialsException e){
            e.printStackTrace();
            System.out.println("password error");
        }
        //授权
        if (subject.isAuthenticated()){

            //基于角色权限控制
            System.out.println(subject.hasRole("admin"));
            //基于多角色的权限控制
            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "user")));//true
            System.out.println(subject.hasAllRoles(Arrays.asList("admin", "manager")));//false
            //是否具有其中一个角色
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin", "user", "manager"));
            for (boolean aBoolean : booleans) {
                System.out.println(aBoolean);
            }

            System.out.println("====这是一个分隔符====");

            //基于权限字符串的访问控制  资源标识符：操作：资源类型
            //用户具有的权限 user:*:01  prodect:*
            System.out.println("权限:"+subject.isPermitted("user:update:01"));
//            System.out.println("权限:"+subject.isPermitted("prodect:update:02"));
//
//            //分别具有哪些权限
//            boolean[] permitted = subject.isPermitted("user:*:01", "user:update:02");
//            for (boolean b : permitted) {
//                System.out.println(b);
//            }
//
//            //同时具有哪些权限
//            boolean permittedAll = subject.isPermittedAll("prodect:*:01", "prodect:update:03");
//            System.out.println(permittedAll);


        }


    }
}
